AOH :: ISN-1226.HTM

Re: One in ten law firms suffered security breaches




Re: One in ten law firms suffered security breaches
Re: One in ten law firms suffered security breaches



Forwarded from: Mark Bernard  

Dear Associates,

How about the handling of private information?  Here in Canada privacy
rights are rescinded when someone is caught committing a crime, so
likely law firms maintain records including email relevant to cases.  
What happens to these records when a person is found not guilty or
punished for a crime?  This appears to be a grey area in the data
retention law and now we are seeing that law firms are also vulnerable
to exploits.

Best regards,
Mark.


Mark E. S. Bernard, CISM, CISSP, PM,
e-mail: Mark.Bernard@TechSecure.ca; Web: http://www.TechSecure.ca; Phone: 
(506) 325-0444


----- Original Message ----- 
From: "InfoSec News"  
To:  
Sent: Friday, August 05, 2005 2:05 AM
Subject: [ISN] One in ten law firms suffered security breaches


> http://www.theinquirer.net/?article=25159 
>
> By INQUIRER staff
> 04 August 2005
>
> ACCORDING TO AN NOP World survey, 50% of law firms in the UK are
> missing basic security measures and just under half have no budget
> dedicated to digital security, despite the recently increasing IT
> security threats.
>
> 100 UK law firms were included in the NOP World survey commissioned
> by security specialists Evolution Security Systems.
>
> According to the survey, one in ten firms had suffered digital
> security breaches over the past year - showing absolutely no sign of
> improvement with exactly the same odds the year before. Over half of
> the firms believe that digital threats are increasing, yet have
> failed to take appropriate prevention steps.
>
> The survey found that even though there is a one in ten chance of a
> UK law firm suffering from digital security breaches, over half of
> those surveyed still asked co-workers to check their e-mails, while
> one quarter have never changed their e-mail passwords. Perhaps more
> worryingly, four out of ten firms that were questioned had
> absolutely no idea what to do in case of a serious IT malfunction,
> having no disaster recovery plans, or even having thought of such
> things.

[...]



_________________________________________
Attend ToorCon 
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org 

Site design & layout copyright © 1986-2014 CodeGods